Google researchers say China-linked UNC6384 combined social engineering, signed malware, and adversary-in-the-middle attacks to evade detection.
The post China-Linked Hackers Hijack Web Traffic to Deliver Backdoor appeared first on SecurityWeek.
Anthropic Disrupts AI-Powered Cyberattacks Automating Theft and Extortion Across Critical Sectors
Anthropic on Wednesday revealed that it disrupted a sophisticated operation that weaponized its artificial intelligence (AI)-powered chatbot Claude to conduct large-scale theft and extortion of personal data in July 2025.
“The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services, and government, and religious institutions,” the company said. “
“The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services, and government, and religious institutions,” the company said. “
Why zero trust is never ‘done’ and is an ever-evolving process
Zero trust isn’t a project you finish—it’s a cycle that keeps evolving. From supply chain exploits to policy drift, resilience requires continuous testing and adaptation. Learn how Specops Software supports this journey with tools that make it easier. […]
ShadowSilk Hits 36 Government Targets in Central Asia and APAC Using Telegram Bots
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific (APAC).
According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared towards data exfiltration. The hacking group shares toolset and infrastructural overlaps with campaigns undertaken by threat
According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared towards data exfiltration. The hacking group shares toolset and infrastructural overlaps with campaigns undertaken by threat
Healthcare Services Group data breach impacts 624,000 people
The Healthcare Services Group (HSGI) is alerting more than 600,000 individuals that their personal information was exposed in a security breach last year. […]
Nevada State Offices Closed Following Disruptive Cyberattack
State websites and phone lines were taken offline, but officials say emergency services and personal data remain unaffected.
The post Nevada State Offices Closed Following Disruptive Cyberattack appeared first on SecurityWeek.
Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime
Competition among malware-as-a-service developers has transformed infostealers into refined, accessible tools for cybercriminals worldwide.
The post Infostealers: The Silent Smash-and-Grab Driving Modern Cybercrime appeared first on SecurityWeek.
CISA and Partners Providing Real-Time Incident Response to Cyber Attack on State of Nevada
CISA and Partners Release Joint Advisory on Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage Systems
Citrix Patches Exploited NetScaler Zero-Day
Zero-day exploited in the wild forces Citrix and CISA to push emergency patch deadlines for federal agencies.
The post Citrix Patches Exploited NetScaler Zero-Day appeared first on SecurityWeek.